<?php
require('functions/page_load.php');

$testimonials_nav = true;

if(isset($_GET['delete'])){

$sql = "DELETE FROM testimonials WHERE id = '".mysql_real_escape_string($_GET['delete'])."'";
$query = mysql_query( $sql ) or die ("Error in query: $sql. " . mysql_error());

}

// load pages

$sql = "SELECT id, name FROM testimonials ORDER BY id DESC";
$query = mysql_query( $sql ) or die ("Error in query: $sql. " . mysql_error());

while($rs = mysql_fetch_assoc($query)){
$content.='<tr><td align="left"><a href="edit_testimonial.php?id='.$rs['id'].'">'.$rs['name'].'</a></td><td><a href="edit_testimonial.php?id='.$rs['id'].'" title="Edit"><img src="images/edit.png" alt="Edit" /></a></td><td><a onclick="confirm_delete(\'?delete='.$rs['id'].'\',\'this testimonial\');" title="Delete"><img src="images/delete.png" alt="Delete" /></a></td></tr>';
}

require('includes/header.php');
?>

<div class="main_container_wrapper">

	<div class="main_container">
	<h2 class="container_header">Testimonials</h2>
	<a href="add_testimonial.php" class="create_button">Add new testimonial</a>

	<table width="100%" cellpadding="0" cellspacing="0" class="cms_table">
	<thead><tr><th align="left">Source</th><th width="50">Edit</th><th width="50">Delete</th></tr></thead>
	<tbody>
	<?php echo $content; ?>
	</tbody></table>

	</div>

</div>
	
<?php
	require('includes/footer.php');
?>